settmaint[.]exe | Triage

Sharing

General

Target

settmaint.exe
Size

747KB
MD5

1a27de0fdd0bc6fde7104d8766be7c50
SHA1

df6d6ef5148ef0ba6c2ebe098c46dc36ca3ea11f
SHA256

dd2e0014bad6956fbed60022ced153eb5111185108844ec1b299dd4bb8249a40
SHA512

05ad7edc9ce7deac0d600f022b2587edbd921f0d508a0ee78687d4182d0a90d44076576dd78dfbcc3941a11779664e13f319957fc5bbe466d3819c13433b53bb
SSDEEP

12288:c7De0xJ5w/K0CY5O+j8hZSHs6Sx/d/HHWW7LP2pCdQ0BbWrxEMZh6SiY6CkVve:c7DM/55Rj8Z/pWWXP2p5Kbo1h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
settmaint.exe

Files

settmaint.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

OWJukl
Size: 698KB - Virtual size: 697KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ